From 3e784e8be906f0b2ec478c48357737d2a7809f2b Mon Sep 17 00:00:00 2001 From: Josh Stone Date: Tue, 9 Oct 2012 09:43:34 -0700 Subject: [PATCH] PR14572: Set s.privilege = unprivileged for stapdyn When running under Dyninst, we are effectively unprivileged by nature, so setting s.privilege to reflect that helps restrict the available probe types. However, we still want to allow guru mode for setting target variables and using embedded-C, so let systemtapr_:session::is_usermodea() pass. * session.cxx (systemtap_session::parse_cmdline): For --runtime=dyninst, set the privilege level too. (systemtap_session::check_options): Allow -g for is_usermode(). * staptree.cxx (varuse_collecting_visitor::visit_embeddedcode): Allow embedded-C unrestricted for is_usermode(). (varuse_collecting_visitor::visit_embedded_expr): Ditto. --- session.cxx | 17 +++++++++++++++-- staptree.cxx | 6 +++++- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/session.cxx b/session.cxx index 4532763c6..bb056ae18 100644 --- a/session.cxx +++ b/session.cxx @@ -1261,7 +1261,16 @@ systemtap_session::parse_cmdline (int argc, char * const argv []) if (optarg == string("kernel")) runtime_mode = kernel_runtime; else if (optarg == string("dyninst")) - runtime_mode = dyninst_runtime; + { + if (privilege_set && pr_unprivileged != privilege) + { + cerr << _("ERROR: --runtime=dyninst implies unprivileged mode only") << endl; + return 1; + } + privilege = pr_unprivileged; + privilege_set = true; + runtime_mode = dyninst_runtime; + } else { cerr << _F("ERROR: %s is an invalid argument for --runtime", optarg) << endl; @@ -1409,12 +1418,16 @@ systemtap_session::check_options (int argc, char * const argv []) cerr << _F("You can't specify %s and %s together.", "-c", "-x") << endl; usage (1); } - if (! pr_contains (privilege, pr_stapdev) && guru_mode) + + // NB: In user-mode runtimes (dyninst), we can allow guru mode any time, but we + // need to restrict guru by privilege level in the kernel runtime. + if (! is_usermode () && ! pr_contains (privilege, pr_stapdev) && guru_mode) { cerr << _F("You can't specify %s and --privilege=%s together.", "-g", pr_name (privilege)) << endl; usage (1); } + if (!kernel_symtab_path.empty()) { if (consult_symtab) diff --git a/staptree.cxx b/staptree.cxx index 63d9b76e0..564ddb995 100644 --- a/staptree.cxx +++ b/staptree.cxx @@ -1942,8 +1942,10 @@ varuse_collecting_visitor::visit_embeddedcode (embeddedcode *s) // Don't allow embedded C functions in unprivileged mode unless // they are tagged with /* unprivileged */ or /* myproc-unprivileged */ + // or we're in a usermode runtime. if (! pr_contains (session.privilege, pr_stapdev) && ! pr_contains (session.privilege, pr_stapsys) && + ! session.is_usermode () && s->code.find ("/* unprivileged */") == string::npos && s->code.find ("/* myproc-unprivileged */") == string::npos) throw semantic_error (_F("function may not be used when --privilege=%s is specified", @@ -1981,9 +1983,11 @@ void varuse_collecting_visitor::visit_embedded_expr (embedded_expr *e) { // Don't allow embedded C expressions in unprivileged mode unless - // they are tagged with /* unprivileged */ + // they are tagged with /* unprivileged */ or /* myproc-unprivileged */ + // or we're in a usermode runtime. if (! pr_contains (session.privilege, pr_stapdev) && ! pr_contains (session.privilege, pr_stapsys) && + ! session.is_usermode () && e->code.find ("/* unprivileged */") == string::npos && e->code.find ("/* myproc-unprivileged */") == string::npos) throw semantic_error (_F("embedded expression may not be used when --privilege=%s is specified", -- 2.43.5